How To Block IP Addresses On Linux Server
Take a look at your log file (/var/log/secure for Fedora Core 4) and you will discover numerous automated ssh hacking attempts using dictionary attack. So now you have identified the offending addresses. How do you stop them?
Here comes the magic mantra which uses iptables (packet) firewall:
iptables -A INPUT -s a.b.c.d -j DROP
Replace a.b.c.d with the offending IP address. Repeat this for each of the offending IP addresses.
Filed under Computer Security, Headline News, How To, Linux, Open Source Software, Tech Note, Web, Web Hosting, Web Services | 
| 
RSS 2.0 |
Trackback this Article
| 
Email this Article
You may also like to read |
Add to Technorati Favorites
August 28th, 2006 at 9:07 am
With even less worries: only allow certain IPs to access SSH. Next to that install “knockd” to allow you to temporarily open up the firewall from the IP you are working on when you are working mobile.
August 28th, 2006 at 9:52 am
I cannot do that as I do not connect from dedicated ip addresses. I connect using a provider (BSNL) who allocated IP’s from a countrywide pool.
December 28th, 2007 at 7:57 am
It’s always good to block service access that are not required for public - for example, SSH.
May 6th, 2008 at 7:47 am
[...] Their website is http://www.kuban.mts.ru/. They appear to be legitimate mobile & internet service provider. Most likely their internet service is being abused by the spammer. Nevertheless I decided to ban this IP address from accessing my server. [...]
June 26th, 2008 at 2:18 am
[...] This bans his IP address from accessing my network. However after a reboot of my server this ban will go away. For a permanent ban you will need to additionally add this command to your /etc/rc.local file. This ensures that the ban is in effect even after a reboot of my server. – Source. [...]